Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/A-Xb4AQpAbHSzhoZAvBaUv5qct8.roa
File: A-Xb4AQpAbHSzhoZAvBaUv5qct8.roa (raw, json)
Hash identifier: leqdnBHsGabLEX2bbJWJSk9W96XWwIB6KZOgwo5ZnQ0=
Subject key identifier: 03:E5:DB:E0:04:29:01:B1:D2:CE:1A:19:02:F0:5A:52:FE:6A:72:DF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 13C4D733
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/A-Xb4AQpAbHSzhoZAvBaUv5qct8.roa
Signing time: Wed 16 Feb 2022 12:41:23 +0000
ROA not before: Wed 16 Feb 2022 12:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31732
IP address blocks: 212.90.100.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
45.139.6.0/23 maxlen: 24
193.36.72.0/23 maxlen: 23
46.249.97.0/24 maxlen: 24
46.249.98.0/23 maxlen: 23
46.249.104.0/21 maxlen: 21
46.249.100.0/22 maxlen: 22
46.249.112.0/21 maxlen: 21
45.150.140.0/22 maxlen: 22
188.209.155.0/24 maxlen: 24
82.115.0.0/21 maxlen: 24
185.59.114.0/23 maxlen: 24
185.129.108.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331667251 (0x13c4d733)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 16 12:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03e5dbe0042901b1d2ce1a1902f05a52fe6a72df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:11:b1:32:00:60:90:24:e7:da:09:e7:12:4f:
86:31:bd:4f:dd:09:5d:f0:b9:02:ec:12:97:22:63:
6b:23:64:71:90:ff:0a:62:80:39:10:6f:0a:2e:25:
c3:3f:e7:ce:0d:e4:45:a7:e1:25:49:21:90:5e:9c:
94:70:91:d7:09:2b:67:53:f4:6f:e7:e6:b0:b9:1b:
e1:05:53:ed:9d:fc:87:66:19:ca:52:0d:79:07:0f:
a3:36:fa:a0:ce:6e:a6:11:14:89:7d:7e:73:fd:61:
03:58:7c:de:5a:be:28:74:65:cc:60:71:bd:d6:23:
92:d3:01:2f:8b:44:f5:30:c2:31:a5:a0:29:e4:d5:
cc:cf:0d:49:32:93:8a:c7:47:df:42:c4:5f:f3:45:
c0:96:58:4c:66:49:68:2d:a6:8f:67:de:a2:b5:af:
88:67:8f:a4:97:11:4b:8b:6d:07:e0:81:19:f7:87:
44:ec:6c:59:06:2d:65:47:db:cb:d6:4b:2b:78:0f:
eb:5d:99:54:4a:25:98:14:6b:43:3f:fb:c3:54:b5:
b6:f6:a0:79:c4:4b:11:86:ca:22:1d:37:08:54:b8:
33:2a:ff:e6:c0:6c:8e:9a:de:ca:4c:6d:cc:e0:8c:
09:f0:39:af:08:9f:5f:b6:9e:b5:75:20:b6:f5:de:
40:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E5:DB:E0:04:29:01:B1:D2:CE:1A:19:02:F0:5A:52:FE:6A:72:DF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/A-Xb4AQpAbHSzhoZAvBaUv5qct8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
45.150.140.0/22
46.249.97.0-46.249.119.255
82.115.0.0/21
185.59.114.0/23
185.129.108.0/22
185.220.236.0/22
188.209.155.0/24
193.36.72.0/23
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:f2:e0:0c:ba:9b:0a:f7:8b:6d:46:79:18:bc:2e:12:be:39:
51:4e:90:3d:c5:30:11:6c:da:ef:5e:5a:ff:ac:4d:48:3e:a5:
fa:40:5b:57:8e:dd:62:a9:ba:ad:3b:82:e4:db:71:2d:a5:a9:
dd:23:8a:01:39:33:7e:52:5c:f5:bc:17:e8:3e:9d:7f:ba:30:
93:0c:d7:09:d3:43:a8:32:9a:ad:0c:5b:d5:04:23:28:ea:44:
08:e7:5f:23:fe:39:e1:2c:b8:11:b2:d6:f8:dd:62:9f:4c:c9:
c8:2d:d4:3d:8f:b5:02:65:a3:a7:43:32:8d:3c:e1:69:42:52:
52:e0:c1:1e:98:0a:ae:7b:cf:91:5b:98:92:4b:3c:cc:25:62:
1f:98:2d:a7:43:52:9c:80:3e:5d:6a:e5:4a:ab:ee:0b:45:07:
7c:59:f1:b5:38:98:8f:08:1c:53:a4:ec:a8:5c:e3:4e:4c:24:
b8:94:15:9c:6a:c5:9f:e9:53:4c:0a:97:30:05:f6:29:de:16:
0e:2e:be:f0:c3:b8:37:00:40:78:5f:33:0b:38:24:47:aa:bb:
16:e1:17:70:71:5f:c6:44:2b:d8:8d:29:31:fb:93:43:1d:f6:
46:d9:d8:7a:7e:47:35:20:25:ce:9a:20:5d:cf:7a:05:47:bc:
a4:f3:cc:58
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEE8TXMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDIx
NjEyNDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNlNWRiZTAwNDI5
MDFiMWQyY2UxYTE5MDJmMDVhNTJmZTZhNzJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQRsTIAYJAk59oJ5xJPhjG9T90JXfC5AuwSlyJjayNkcZD/
CmKAORBvCi4lwz/nzg3kRafhJUkhkF6clHCR1wkrZ1P0b+fmsLkb4QVT7Z38h2YZ
ylINeQcPozb6oM5uphEUiX1+c/1hA1h83lq+KHRlzGBxvdYjktMBL4tE9TDCMaWg
KeTVzM8NSTKTisdH30LEX/NFwJZYTGZJaC2mj2feorWviGePpJcRS4ttB+CBGfeH
ROxsWQYtZUfby9ZLK3gP612ZVEolmBRrQz/7w1S1tvagecRLEYbKIh03CFS4Myr/
5sBsjpreykxtzOCMCfA5rwifX7aetXUgtvXeQN0CAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBQD5dvgBCkBsdLOGhkC8FpS/mpy3zAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L0EtWGI0QVFwQWJIU3pob1pBdkJhVXY1cWN0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAS2LBgMEAi2WjDAMAwQALvlhAwQD
LvlwAwQDUnMAAwQBuTtyAwQCuYFsAwQCudzsAwQAvNGbAwQBwSRIAwQC1FpkMA0G
CSqGSIb3DQEBCwUAA4IBAQA/8uAMupsK94ttRnkYvC4SvjlRTpA9xTARbNrvXlr/
rE1IPqX6QFtXjt1iqbqtO4Lk23EtpandI4oBOTN+Ulz1vBfoPp1/ujCTDNcJ00Oo
MpqtDFvVBCMo6kQI518j/jnhLLgRstb43WKfTMnILdQ9j7UCZaOnQzKNPOFpQlJS
4MEemAque8+RW5iSSzzMJWIfmC2nQ1KcgD5dauVKq+4LRQd8WfG1OJiPCBxTpOyo
XONOTCS4lBWcasWf6VNMCpcwBfYp3hYOLr7ww7g3AEB4XzMLOCRHqrsW4RdwcV/G
RCvYjSkx+5NDHfZG2dh6fkc1ICXOmiBdz3oFR7yk88xY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org